Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2010-5105 at MITRE


The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
CVSS v2 Scores
  National Vulnerability Database
Base Score 3.32
Vector AV:L/AC:M/Au:N/C:N/I:P/A:P
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact Partial

SUSE information

SUSE Bugzilla entry: 779210 [RESOLVED / FIXED]

SUSE Security Advisories: